81% of Americans assume that health data gathered by any digital health app is protected under HIPAA—but it isn’t true

AUSTIN, Texas, July 11, 2023 (GLOBE NEWSWIRE) — ClearDATA®, the first and most comprehensive provider of healthcare-specific managed cloud, compliance and security services, today announced the results of its Digital Health and Data Privacy Survey. The survey, conducted online by The Harris Poll on behalf of ClearDATA, polled over 2,000 U.S. adults aged 18 and older, revealing the relationship Americans have with digital health services, including their digital care preferences and how concerned they are about health data privacy.

The survey found that 81% of Americans assume that all protected health data collected by digital health apps is protected under HIPAA. And while 68% of Americans say they are very or somewhat familiar with HIPAA, in reality, HIPAA does not safeguard protected health information (PHI) within the context of digital apps or other health companies in the same way it does for “covered health entities” like hospitals and providers. This means, in many cases, it’s perfectly legal for app makers to sell their users’ health data—and most Americans are utterly unaware of this potential invasion of privacy.

Meanwhile, the adoption of online or digital health services is fairly common among Americans: 44% said they have used online healthcare provider platforms, 39% have used pharmacy mobile apps and 37% have used digital health apps.

Key insights into Americans’ digital healthcare preferences and privacy concerns include:

  • Health privacy isn’t top of mind for many Americans. Over half of Americans who have ever used digital health apps (58%) have never considered where their protected health information/data is shared when using those apps. It may simply not be the most important concern for patients when navigating a health issue, or patients may incorrectly assume their data is universally protected by HIPAA, even within digital apps.
  • Many don’t consider privacy a key factor when choosing where to seek care. Only about a quarter of Americans (27%) say privacy or security of protected health information (PHI) is among the top three most important factors when choosing where to seek care. For most, the top three factors are whether their insurance is accepted (68%), the option for face-to-face, in-person care (49%) and a fast, immediate response time to book an appointment or receive medication (41%).
  • Younger generations are more likely to choose convenience over privacy. 54% of Americans ages 18-34 said the privacy and security of their personal health information was not as important to them as convenience, while 69% of those over age 65 disagreed, putting a higher premium on privacy and security. By the same token, 60% of Americans ages 18-34 would still use a digital health app if they knew data collected would be shared with third parties for marketing purposes, while only 17% of those over age 65 said the same thing.
  • Both the importance of privacy and familiarity with HIPAA increase with the level of education. As the level of education rises, so too does the value placed on privacy and security of health information. Americans with a college degree or higher would not use a digital health app if they knew protected health data collected would be shared with third parties (62% vs. 56% of those with high school or less education). Familiarity with HIPAA also rises alongside education—77% of those with a college degree or higher said they were very or somewhat familiar with HIPAA as compared to 56% of those with high school degrees or less. Women (72% vs. 64% men), those who are employed (70% vs. 65% unemployed), parents of kids under 18 (73% vs. 66% of those without kids under 18), married people (77% vs. 61% not married) and homeowners (72% vs. 60% renters) also tend to be more familiar with HIPAA than their counterparts.

“As more and more Americans flock to direct-to-consumer digital health apps and resources, most people don’t know the sensitive health data they share with these companies could be passed on to third-parties or sold to data brokers, without so much as a single consent form,” said Chris Bowen, CISO and founder of ClearDATA. “No company should ever be allowed to profit off a person’s private health information. Far more needs to be done to protect PHI at a regulatory level and, in the meantime, digital healthcare companies bear a particular responsibility to better educate patients about how their data will be used, and what they can do to keep their data private.”

To see the full results of ClearDATA’s Digital Health and Data Privacy survey, please visit cleardata.com. This survey was conducted online within the United States by The Harris Poll on behalf of ClearDATA from May 24 – 26, 2023 among 2,053 U.S. adults ages 18 and older. The sampling precision of Harris online polls is measured by using a Bayesian credible interval. For this study, the sample data is accurate to within +/- 2.7 percentage points using a 95% confidence level. For complete survey methodology, including weighting variables and subgroup sample sizes, please contact cleardata@bocacommunications.com.

About ClearDATA
Cloud Catalyst. Healthcare Protector.
ClearDATA is the first comprehensive provider of healthcare-specific managed cloud, compliance and security services, enabled by the powerful CyberHealth™ Platform. ClearDATA’s solutions enforce continuous cloud compliance, defend health innovation with healthcare-centric threat intelligence and security technology, and protect health data across all cloud environments from design time through run time. To learn more about how ClearDATA helps market-leading organizations modernize and protect healthcare with secure, highly accessible data in the cloud, visit cleardata.com.

BOCA Communications for ClearDATA